b8f0624a5059fb71e022973b809c6e30_NeikiAnalytics[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

b8f0624a5059fb71e022973b809c6e30_NeikiAnalytics.exe
Size

1.9MB
MD5

b8f0624a5059fb71e022973b809c6e30
SHA1

1539b10548c40590c15cc25bf029a02d492664ed
SHA256

2bc1ca62ed010b522402e4b2963cba366f34da3dc5026d3cdcd1f229bb4eefe4
SHA512

4ac4ee4c74f8d691a29deff5b525f58bc026cfe9ad44188339578da81b2cbf7e6a6fc32aa9193c68f721d519027a99a700789ff25be654cb727d4fa3037e8ed2
SSDEEP

49152:+N60NVmbEUVpGS30lQHPB7haMowhB7/Taft2zh6IA:UVmbrPCMowh5/TaftsPA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b8f0624a5059fb71e022973b809c6e30_NeikiAnalytics.exe

Files

b8f0624a5059fb71e022973b809c6e30_NeikiAnalytics.exe
.dll windows:5 windows x86 arch:x86

0f646ff1f86e69b870131a23b6902cc2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

CloseWindow
keybd_event
IsRectEmpty
GetGuiResources
SwitchDesktop
CharLowerBuffW
GetTopWindow
LookupIconIdFromDirectoryEx

winscard

SCardSetCardTypeProviderNameA

advapi32

GetSecurityDescriptorGroup
SetServiceObjectSecurity
CryptSignHashA

shell32

Shell_NotifyIconW

winspool.drv

SetPortW
EnumPrinterDataExW

shlwapi

StrTrimW
SHDeleteKeyA

kernel32

CompareStringW
CompareStringA
GetSystemTimeAsFileTime
Sleep
SetEnvironmentVariableA
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
GetDriveTypeA
SetFilePointerEx
GenerateConsoleCtrlEvent
GetCurrentActCtx
BeginUpdateResourceA
ProcessIdToSessionId
GetModuleHandleA
GetProcAddress
GetModuleHandleW
GetModuleFileNameW
GetModuleFileNameA
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
GetLastError
GetCurrentThread
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
WriteFile
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
FlushFileBuffers
FatalAppExitA
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
HeapFree
FreeEnvironmentStringsW
ExitProcess
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
InitializeCriticalSectionAndSpinCount
RtlUnwind
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetFilePointer
SetStdHandle
HeapCreate
HeapDestroy
VirtualFree
HeapAlloc
VirtualAlloc
HeapReAlloc
SetConsoleCtrlHandler
FreeLibrary
InterlockedExchange
LoadLibraryA
GetTimeZoneInformation
CreateFileA
CloseHandle
GetCommandLineA
HeapSize
GetLocaleInfoW
FreeEnvironmentStringsA
GetEnvironmentStrings

rasapi32

RasSetEapUserDataW

msvfw32

ICCompressorFree

esent

JetEscrowUpdate

netapi32

NetApiBufferSize

setupapi

CM_Get_Class_Name_ExW
SetupDiRemoveDevice
SetupDiDestroyDeviceInfoList

comctl32

ImageList_LoadImageW

crypt32

CryptVerifyCertificateSignatureEx
CryptGetDefaultOIDFunctionAddress
CryptHashPublicKeyInfo

oleaut32

VarCyFromI4
SafeArrayDestroy
SafeArrayGetElement
SafeArrayAllocDescriptor

rpcrt4

I_RpcServerUseProtseqEp2W

ole32

CoGetCurrentLogicalThreadId

secur32

QuerySecurityContextToken

gdi32

LineTo
ResizePalette
SetTextColor

winmm

timeGetDevCaps
waveOutGetID

Exports

Exports

SdekbleRstnees

Sections

r_ZdK
Size: 124KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

HE8wLE62
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0f646ff1f86e69b870131a23b6902cc2

Headers

DLL Characteristics

File Characteristics

Imports

user32

winscard

advapi32

shell32

winspool.drv

shlwapi

kernel32

rasapi32

msvfw32

esent

netapi32

setupapi

comctl32

crypt32

oleaut32

rpcrt4

ole32

secur32

gdi32

winmm

Exports

Exports

Sections

r_ZdK Size: 124KB - Virtual size: 120KB

.rdata Size: 1.7MB - Virtual size: 1.7MB

.data Size: 24KB - Virtual size: 31KB

.rsrc Size: 4KB - Virtual size: 1KB

HE8wLE62 Size: 16KB - Virtual size: 15KB

r_ZdK
Size: 124KB - Virtual size: 120KB

.rdata
Size: 1.7MB - Virtual size: 1.7MB

.data
Size: 24KB - Virtual size: 31KB

.rsrc
Size: 4KB - Virtual size: 1KB

HE8wLE62
Size: 16KB - Virtual size: 15KB